Re: smal2.0 assertion - assertion Issuer configuration

Re: smal2.0 assertion - assertion Issuer configuration

Administrator

Hi Ravin,
This is picked from entity message and the element is assertion-->samlIssuer -->issuer .. if you provide a valid value for this element, it is not going to be overridden by connect code. if you don't provide a default value, then CONNECT will default to SAML user.
<urn1:samlIssuer> <urn1:issuer>CN=<valid identity provider>,OU=connect,O=FHA,L=Melbourne,ST=FL,C=US</urn1:issuer> <urn1:issuerFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName</urn1:issuerFormat></urn1:samlIssuer>

Re: smal2.0 assertion - assertion Issuer configuration

hi Tabassum thank you for the reply. i dont know how can i change the message which entity component generate. this means do i need to change CONNECT code or is their a configuration form where this is picked up.

we have also created certificate with the same name (our CONNECT gateway machine name). it looks like DIL is reading the subject name from the SSL public cert . even if the change the value of issuer in the template it does not change it in the error message.

Re: smal2.0 assertion - assertion Issuer configuration

We are using java based (apache axis) webservice to call CONNECT. i think the issue is DIL is looking at the x509 cert and getting the subject name from the "CN" value of the public cert and validating it. and for some reason it does not like it.